Manifest

$ rpki-client -vvf rpki.apnic.net/member_repository/A91FDDD1/68C1D4963BD011EE8BAC351AC4F9AE02/IWrR11qT4DeulPbJGJbS1YLY_1Q.mft
File:                     IWrR11qT4DeulPbJGJbS1YLY_1Q.mft (raw, json)
Hash identifier:          hGmPsbJcFJvb5am9C5SRmp5eBubDFWnp0z5zF39qBmQ=
Subject key identifier:   62:B6:4F:87:E9:7D:36:A2:F2:F5:CF:E7:77:E8:14:41:E8:F2:C5:9D
Authority key identifier: 21:6A:D1:D7:5A:93:E0:37:AE:94:F6:C9:18:96:D2:D5:82:D8:FF:54
Certificate issuer:       /CN=A91FDDD1/serialNumber=216AD1D75A93E037AE94F6C91896D2D582D8FF54
Certificate serial:       017F
Authority info access:    rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IWrR11qT4DeulPbJGJbS1YLY_1Q.cer
Subject info access:      rsync://rpki.apnic.net/member_repository/A91FDDD1/68C1D4963BD011EE8BAC351AC4F9AE02/IWrR11qT4DeulPbJGJbS1YLY_1Q.mft
Manifest number:          0171
Signing time:             Wed 23 Jul 2025 04:05:05 +0000
Manifest this update:     Wed 23 Jul 2025 04:05:05 +0000
Manifest next update:     Wed 30 Jul 2025 04:05:05 +0000
Files and hashes:         1: IWrR11qT4DeulPbJGJbS1YLY_1Q.crl (hash: ranfl/duYnz3hG2qy4D+htJcsxa7689X4d6xwCVwIQk=)
                          2: 838096CA3BD311EE84056461C4F9AE02.roa (hash: MRW+pxq2rIQWqz0eewlHDxgHTLGzIYysThVYJrp2BDc=)
                          3: 27DB37683BD211EE8094355FC4F9AE02.roa (hash: Fv5yzaRaYXm7EcaxJ9d0RT5up4myTdlO4UPvIXp3L88=)
                          4: 82C54A1E3BD311EE84056461C4F9AE02.roa (hash: mGJXgF/PKI9FEq/cPxsdqAyVl2gi74HVL2n1gwNWhDo=)
Validation:               OK
Signature path:           rsync://rpki.apnic.net/member_repository/A91FDDD1/68C1D4963BD011EE8BAC351AC4F9AE02/IWrR11qT4DeulPbJGJbS1YLY_1Q.crl
                          rsync://rpki.apnic.net/member_repository/A91FDDD1/68C1D4963BD011EE8BAC351AC4F9AE02/IWrR11qT4DeulPbJGJbS1YLY_1Q.mft
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IWrR11qT4DeulPbJGJbS1YLY_1Q.cer
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
                          rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
                          rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
                          rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
                          rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires:   Wed 30 Jul 2025 04:05:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 383 (0x17f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A91FDDD1, serialNumber=216AD1D75A93E037AE94F6C91896D2D582D8FF54
        Validity
            Not Before: Jul 23 04:05:05 2025 GMT
            Not After : Jul 30 04:05:05 2025 GMT
        Subject: CN=68805f71-0414
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:22:43:40:40:c5:ae:f5:cc:80:e6:93:18:f7:
                    1c:39:a3:40:94:29:8b:d8:64:58:25:4f:54:64:28:
                    5e:56:d2:d1:0d:fa:b5:a7:45:32:bf:26:6b:b8:b1:
                    48:76:ab:51:82:1d:a7:11:de:35:83:39:04:25:d3:
                    be:58:9f:71:59:38:52:34:0e:7e:34:db:4f:c5:42:
                    62:6f:52:e9:89:b8:3d:25:ae:57:d0:e2:1c:13:bf:
                    fb:b7:47:d2:57:7e:76:93:f3:6a:c4:6a:4b:da:c8:
                    d4:34:76:dc:5f:d4:b4:fa:2b:36:a0:76:fb:79:20:
                    fd:67:ce:72:f9:58:04:fa:74:63:23:aa:ae:94:5d:
                    10:5b:c9:71:2a:e7:d1:e8:0e:9e:aa:16:83:02:06:
                    2d:3a:c5:07:5c:73:49:46:2c:d7:ed:7f:3a:4f:82:
                    78:ab:e4:32:c5:9a:c0:0c:27:44:c1:8b:32:1a:67:
                    2b:22:32:ec:6e:d9:9e:cb:e9:b2:d2:61:d9:6e:05:
                    ed:2a:b7:81:83:6f:ec:02:f7:b7:da:c7:38:71:d9:
                    e7:d9:3e:65:ae:f1:65:89:03:d0:b7:bc:15:6d:6c:
                    5c:47:f5:3b:3a:df:02:b9:9c:b3:bc:2c:be:06:18:
                    e5:92:e9:32:0e:e3:fc:ef:0b:13:0d:c6:02:99:a1:
                    6b:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                62:B6:4F:87:E9:7D:36:A2:F2:F5:CF:E7:77:E8:14:41:E8:F2:C5:9D
            X509v3 Authority Key Identifier:
                keyid:21:6A:D1:D7:5A:93:E0:37:AE:94:F6:C9:18:96:D2:D5:82:D8:FF:54

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.apnic.net/member_repository/A91FDDD1/68C1D4963BD011EE8BAC351AC4F9AE02/IWrR11qT4DeulPbJGJbS1YLY_1Q.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IWrR11qT4DeulPbJGJbS1YLY_1Q.cer

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber
                  CPS: https://www.apnic.net/RPKI/CPS.pdf

            Subject Information Access:
                Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FDDD1/68C1D4963BD011EE8BAC351AC4F9AE02/IWrR11qT4DeulPbJGJbS1YLY_1Q.mft
                RPKI Notify - URI:https://rrdp.apnic.net/notification.xml

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

    Signature Algorithm: sha256WithRSAEncryption
         ae:d3:c2:d9:e4:35:45:d4:15:4e:76:11:2a:e8:fe:7d:bb:a9:
         db:0f:6e:46:b4:5a:1a:8a:24:71:93:e9:1e:a2:b4:6a:fc:dd:
         9f:78:18:f2:e0:b3:c3:12:e9:28:f7:02:b6:95:06:7d:e8:bf:
         70:ed:41:cd:62:45:ba:e1:b4:d3:23:fa:7b:f3:81:7c:e4:92:
         9d:24:b1:25:5b:00:32:8d:09:5f:6d:38:ec:4d:91:6c:33:8c:
         a2:ec:21:c6:50:77:21:01:91:af:d9:35:c8:12:ee:53:26:83:
         24:7f:5d:cb:0c:6b:2a:52:86:9a:e1:c8:cf:85:e3:e1:51:ac:
         a5:7e:7e:2a:58:7d:f5:cd:ab:90:3a:3c:ba:3e:9a:3c:08:82:
         8f:85:a7:e7:4a:be:b5:a0:8d:ee:86:43:e2:02:91:cd:d0:af:
         76:48:6a:84:39:26:ff:33:64:94:ed:a2:e1:2f:fa:a1:f0:81:
         79:20:d6:6e:37:ad:00:5e:24:e3:23:83:0c:75:b0:1b:9e:09:
         7c:c6:f6:5a:84:47:51:5d:43:84:ad:f5:77:de:e2:0a:5d:3a:
         43:fa:ad:3c:2b:48:00:d1:32:d8:42:34:50:83:ac:51:a2:53:
         4d:7f:71:51:8a:0f:80:86:21:26:9c:1b:1d:2e:9d:34:8b:08:
         9b:96:4d:78
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgICAX8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
RkRERDExMTAvBgNVBAUTKDIxNkFEMUQ3NUE5M0UwMzdBRTk0RjZDOTE4OTZEMkQ1
ODJEOEZGNTQwHhcNMjUwNzIzMDQwNTA1WhcNMjUwNzMwMDQwNTA1WjAYMRYwFAYD
VQQDEw02ODgwNWY3MS0wNDE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAmSJDQEDFrvXMgOaTGPccOaNAlCmL2GRYJU9UZCheVtLRDfq1p0UyvyZruLFI
dqtRgh2nEd41gzkEJdO+WJ9xWThSNA5+NNtPxUJib1Lpibg9Ja5X0OIcE7/7t0fS
V352k/NqxGpL2sjUNHbcX9S0+is2oHb7eSD9Z85y+VgE+nRjI6qulF0QW8lxKufR
6A6eqhaDAgYtOsUHXHNJRizX7X86T4J4q+QyxZrADCdEwYsyGmcrIjLsbtmey+my
0mHZbgXtKreBg2/sAve32sc4cdnn2T5lrvFliQPQt7wVbWxcR/U7Ot8CuZyzvCy+
BhjlkukyDuP87wsTDcYCmaFrOQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGK2T4fp
fTai8vXP53foFEHo8sWdMB8GA1UdIwQYMBaAFCFq0ddak+A3rpT2yRiW0tWC2P9U
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGREREMS82OEMxRDQ5NjNC
RDAxMUVFOEJBQzM1MUFDNEY5QUUwMi9JV3JSMTFxVDREZXVsUGJKR0piUzFZTFlf
MVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL0lXclIxMXFUNERldWxQYkpHSmJTMVlMWV8xUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw
C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG
REREMS82OEMxRDQ5NjNCRDAxMUVFOEJBQzM1MUFDNEY5QUUwMi9JV3JSMTFxVDRE
ZXVsUGJKR0piUzFZTFlfMVEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu
YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF
ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB
CwUAA4IBAQCu08LZ5DVF1BVOdhEq6P59u6nbD25GtFoaiiRxk+keorRq/N2feBjy
4LPDEuko9wK2lQZ96L9w7UHNYkW64bTTI/p784F85JKdJLElWwAyjQlfbTjsTZFs
M4yi7CHGUHchAZGv2TXIEu5TJoMkf13LDGsqUoaa4cjPhePhUaylfn4qWH31zauQ
Ojy6Ppo8CIKPhafnSr61oI3uhkPiApHN0K92SGqEOSb/M2SU7aLhL/qh8IF5INZu
N60AXiTjI4MMdbAbngl8xvZahEdRXUOErfV33uIKXTpD+q08K0gA0TLYQjRQg6xR
olNNf3FRig+AhiEmnBsdLp00iwiblk14
-----END CERTIFICATE-----
Generated at Thu Jul 24 12:15:19 2025 by rpki-client